Количество 8
Количество 8
CVE-2023-40184
xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may result in in session restrictions such as max concurrent sessions per user by PAM (ex ./etc/security/limits.conf) to be bypassed. Users (administrators) don't use restrictions by PAM are not affected. This issue has been addressed in release version 0.9.23. Users are advised to upgrade. There are no known workarounds for this issue.
CVE-2023-40184
xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may result in in session restrictions such as max concurrent sessions per user by PAM (ex ./etc/security/limits.conf) to be bypassed. Users (administrators) don't use restrictions by PAM are not affected. This issue has been addressed in release version 0.9.23. Users are advised to upgrade. There are no known workarounds for this issue.
CVE-2023-40184
xrdp is an open source remote desktop protocol (RDP) server. In versio ...
SUSE-SU-2023:3830-1
Security update for xrdp
SUSE-SU-2023:3735-1
Security update for xrdp
BDU:2023-07659
Уязвимость функции auth_start_session() сервера XRDP, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2023:4873-1
Security update for xrdp
ROS-20241216-08
Уязвимость xrdp
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-40184 xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may result in in session restrictions such as max concurrent sessions per user by PAM (ex ./etc/security/limits.conf) to be bypassed. Users (administrators) don't use restrictions by PAM are not affected. This issue has been addressed in release version 0.9.23. Users are advised to upgrade. There are no known workarounds for this issue. | CVSS3: 2.6 | 0% Низкий | больше 2 лет назад |
 | CVE-2023-40184 xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may result in in session restrictions such as max concurrent sessions per user by PAM (ex ./etc/security/limits.conf) to be bypassed. Users (administrators) don't use restrictions by PAM are not affected. This issue has been addressed in release version 0.9.23. Users are advised to upgrade. There are no known workarounds for this issue. | CVSS3: 2.6 | 0% Низкий | больше 2 лет назад |
| CVE-2023-40184 xrdp is an open source remote desktop protocol (RDP) server. In versio ... | CVSS3: 2.6 | 0% Низкий | больше 2 лет назад |
 | SUSE-SU-2023:3830-1 Security update for xrdp | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:3735-1 Security update for xrdp | 0% Низкий | больше 2 лет назад | |
 | BDU:2023-07659 Уязвимость функции auth_start_session() сервера XRDP, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 6.5 | 0% Низкий | больше 2 лет назад |
| SUSE-SU-2023:4873-1 Security update for xrdp | около 2 лет назад | ||
 | ROS-20241216-08 Уязвимость xrdp | CVSS3: 6.5 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу